Privacy Policy
Last updated: April 2, 2026
1. Introduction
Digitalog Technologies Inc. (“Company,” “we,” “us,” or “our”) operates Marcomm, an AI-powered press release management platform (the “Service”). This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you use the Service.
This policy is designed to comply with the General Data Protection Regulation (GDPR) of the European Union, the California Consumer Privacy Act (CCPA), the Act on the Protection of Personal Information (APPI) of Japan, the Personal Data Protection Act (PDPA) of Singapore, and the Personal Information Protection Act (PIPA) of the Republic of Korea.
By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this policy, please do not use the Service.
2. Personal Data We Collect
2.1 Information You Provide
- Account information: name, email address, phone number, company name, job title, and profile photo.
- Billing information: payment method details, billing address, and transaction history (processed through third-party payment processors).
- Content data: press releases, media lists, contact databases, and other materials you create or upload.
- Communications: messages you send to us via support channels, email, or feedback forms.
2.2 Information Collected Automatically
- Device and browser data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
- Usage data: pages viewed, features used, click patterns, session duration, and referring URLs.
- Log data: server logs including access times, error logs, and API call records.
2.3 Information from Third Parties
- OAuth providers: when you sign in via Google, Microsoft, or other OAuth providers, we receive your name, email, and profile picture as permitted by your authorization.
- Analytics partners: aggregated analytics and performance data from third-party services we use.
3. Purposes of Processing
We process your personal data for the following purposes:
- Providing, operating, and maintaining the Service;
- Creating and managing your user account;
- Processing transactions and sending related billing information;
- Providing AI-assisted content drafting and distribution features;
- Communicating with you about the Service, including updates, security alerts, and support messages;
- Analyzing usage patterns to improve and optimize the Service;
- Detecting, preventing, and addressing fraud, abuse, and security issues;
- Complying with legal obligations and responding to lawful requests;
- Enforcing our Terms of Service and other agreements.
4. Legal Basis for Processing (GDPR Article 6)
For users in the European Economic Area (EEA), our legal basis for processing personal data includes:
- Performance of a contract (Art. 6(1)(b)): processing necessary to provide the Service you have subscribed to.
- Legitimate interests (Art. 6(1)(f)): improving our Service, preventing fraud, ensuring security, and conducting analytics, where these interests are not overridden by your data protection rights.
- Consent (Art. 6(1)(a)): where you have given explicit consent, such as for marketing communications or optional cookies.
- Legal obligation (Art. 6(1)(c)): processing necessary to comply with applicable laws, such as tax or regulatory requirements.
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:
- Account data: retained for the duration of your account plus 30 days after deletion request to allow for recovery.
- Content data: retained for the duration of your subscription. Upon account termination, content is deleted within 90 days.
- Billing data: retained for 5 years to comply with tax and accounting obligations under Korean law.
- Log and analytics data: retained for up to 12 months, then anonymized or deleted.
- Support communications: retained for up to 3 years for quality assurance and dispute resolution.
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
6.1 Rights Under GDPR (EU/EEA)
- Right of access: request a copy of the personal data we hold about you.
- Right to rectification: request correction of inaccurate or incomplete data.
- Right to erasure: request deletion of your personal data (“right to be forgotten”).
- Right to data portability: request your data in a structured, commonly used, machine-readable format.
- Right to restriction of processing: request that we limit the processing of your data.
- Right to object: object to the processing of your data based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent: withdraw consent at any time where processing is based on consent.
- Right to lodge a complaint: file a complaint with a supervisory authority.
6.2 Rights Under CCPA (California)
- Right to know what personal information is collected and how it is used.
- Right to delete personal information.
- Right to opt-out of the sale of personal information (we do not sell your data).
- Right to non-discrimination for exercising your privacy rights.
6.3 Rights Under PIPA (Korea)
- Right to access and request copies of your personal information.
- Right to request correction or deletion.
- Right to request suspension of processing.
- Right to receive notification of data breaches.
6.4 Rights Under APPI (Japan) and PDPA (Singapore)
- Right to request disclosure and correction of personal data.
- Right to request cessation of use or provision to third parties.
- Right to withdraw consent for data processing.
To exercise any of these rights, please contact our Data Protection Officer at dpo@digitalog.co. We will respond within 30 days (or within the timeframe required by applicable law).
8. International Data Transfers
Your personal data may be transferred to and processed in countries other than your country of residence, including the Republic of Korea, where our primary servers are located, and other jurisdictions where our service providers operate.
For transfers from the EEA, we rely on appropriate safeguards including:
- Standard Contractual Clauses (SCCs) approved by the European Commission;
- Adequacy decisions where applicable;
- Your explicit consent where required.
For transfers subject to PIPA (Korea), APPI (Japan), or PDPA (Singapore), we ensure equivalent levels of data protection through contractual arrangements with our service providers.
9. AI Data Processing
Marcomm uses artificial intelligence to assist users in drafting press releases and related content. With respect to AI processing:
- Content you input into AI features may be processed by third-party AI service providers. We ensure appropriate data processing agreements are in place with these providers.
- We do not use your content to train our AI models without your explicit opt-in consent.
- AI-generated outputs are provided “as is.” The Company disclaims all warranties and liability regarding the accuracy, reliability, or fitness of AI-generated content for any purpose.
- You retain full control over and responsibility for all content produced with AI assistance. The decision to use, modify, or distribute such content is solely yours.
- We implement technical measures to minimize the retention of personal data within AI processing pipelines, and input data is not persistently stored by AI providers beyond the duration of the processing request.
10. Children's Privacy
The Service is not intended for individuals under the age of 16 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete such data promptly. If you believe that a child has provided personal data to us, please contact our Data Protection Officer.
11. Third-Party Services
We use third-party service providers for infrastructure, analytics, payment processing, and AI capabilities. These providers are contractually obligated to process your data only as instructed and to maintain appropriate security measures.
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of such third parties. We encourage you to review their privacy policies before providing any personal data.
12. Data Security
We implement industry-standard technical and organizational measures to protect your personal data, including:
- Encryption of data in transit (TLS 1.2+) and at rest (AES-256);
- Access controls and role-based permissions;
- Regular security assessments and penetration testing;
- Incident response and breach notification procedures;
- Employee security awareness training.
While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
13. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of Korea. Any dispute arising out of or in connection with this policy shall be subject to the exclusive jurisdiction of the Seoul Central District Court (서울중앙지방법원), Republic of Korea.
This clause does not affect your statutory rights under GDPR, CCPA, APPI, PDPA, or PIPA to lodge complaints with your local supervisory authority or to bring claims in your local courts.
14. Language Priority
This Privacy Policy may be provided in multiple languages for your convenience. In the event of any conflict, discrepancy, or inconsistency between the Korean-language version and any other language version, the Korean-language version shall prevail and take precedence.
15. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice within the Service at least fourteen (14) days before they take effect. We encourage you to review this policy periodically.
16. Data Protection Officer
For any questions, concerns, or requests related to your personal data or this Privacy Policy, please contact our Data Protection Officer: